我想用自己的教程製作自己的論壇。我已經修復了很多錯誤,而且我還有1項工作要做。如何從網址獲取ID值?
當您在線程上發佈回覆時,它會將您的回覆保存在MySQL數據庫中。您的回覆將有一個int,與您回覆的線程ID相匹配,稱爲question_id。
我不能讓我的代碼從URL欄中獲取線程ID。
這些是兩行代碼是應該做的工作:
$id = $_GET['id'];
$sql2="INSERT INTO $tbl_name(question_id, a_id, a_name, a_email, a_answer, a_datetime)VALUES('$id', '$Max_id', '$a_name', '$a_email', '$a_answer', '$datetime')";
這是整個文件add_answer.php
<?php
$host="XXXXXX"; // Host name
$username="XXXXXX"; // Mysql username
$password="XXXXXX"; // Mysql password
$db_name="XXXXXX"; // Database name
$tbl_name="XXXXXX"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Get value of id that sent from hidden field
$id = $_GET['id'];
var_dump($id);
// Find highest answer number.
$sql="SELECT MAX(a_id) AS Maxa_id FROM $tbl_name WHERE question_id='$id'";
$result=mysql_query($sql);
$rows=mysql_fetch_array($result);
// $result=mysql_query($sql) or die(mysql_error());
// add + 1 to highest answer number and keep it in variable name "$Max_id". if there no answer yet set it = 1
if ($rows) {
$Max_id = $rows['Maxa_id']+1;
}
else {
$Max_id = 1;
}
// get values that sent from form
$a_name=$_POST['a_name'];
$a_email=$_POST['a_email'];
$a_answer=$_POST['a_answer'];
$datetime=date("d/m/y H:i:s"); // create date and time
// Insert answer
$sql2="INSERT INTO $tbl_name(question_id, a_id, a_name, a_email, a_answer, a_datetime)VALUES('$id', '$Max_id', '$a_name', '$a_email', '$a_answer', '$datetime')";
$result2=mysql_query($sql2) or die(mysql_error());
if($result2)
{
echo "Successful<BR>";
echo "<meta http-equiv='refresh' content='4;url=index.php?content=main_forum' />";
// If added new answer, add value +1 in reply column
$tbl_name2="forum_question";
$sql3="UPDATE $tbl_name2 SET reply='$Max_id' WHERE id='$id'";
$result3=mysql_query($sql3);
}
else {
echo "An error as occured. Please report this to administrator. ID: FAA01.";
}
mysql_close();
?>
$ _GET ['id']應該工作,如果你的URL看起來像/post.php?id=21,你的URL是怎麼樣的? – Niels
你的代碼容易受到SQL注入攻擊,http://php.net/manual/en/security.database.sql-injection.php。 – kba
我真的希望你不這樣做......如果你直接在你的SQL查詢中包含GET'id'變量,你的論壇不會持續很長時間... – user544262772